Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Adds filename to sha256 file for use with sha256 -c #17

Merged
merged 1 commit into from Jun 13, 2018
Merged

Adds filename to sha256 file for use with sha256 -c #17

merged 1 commit into from Jun 13, 2018

Conversation

samueldr
Copy link
Member

@samueldr samueldr commented Jun 6, 2018

The manpage says:

The sums are computed as described in FIPS-180-2. When checking, the input should be a former
output of this program. The default mode is to print a line with checksum, a space, a character
indicating input mode ('*' for binary, ' ' for text or where binary is insignificant), and name
for each FILE.

By adding the filename to the generated sha256 file, a user would be
able to download an iso, the sha256 file, then use sha256 -c [file].iso.sha256 to verify the file.

This fixes nixos-homepage#224

Additional notes

Breaking assumptions

This could break assumptions where the .sha256 files were previously used as they were. I have briefly looked and couldn't find evidence of such use.

Testing

I couldn't test the entire changes in-place, but here's how I tested them:

Using this test.pl file,

~/.../nixos/nixos-channel-scripts $ nix-shell -p perl -p perlPackages.FileSlurp
[nix-shell:~/.../nixos/nixos-channel-scripts]$ ./test.pl
[nix-shell:~/.../nixos/nixos-channel-scripts]$ cd tmp/
[nix-shell:~/.../nixos-channel-scripts/tmp]$ ls
testing  testing.sha256
[nix-shell:~/.../nixos-channel-scripts/tmp]$ sha256sum -c testing.sha256
testing: OK

So at least, the basic code is expected to work.

Am I right in assuming there is no test suite for the mirroring script?

@samueldr
Adds filename to sha256 file for use with sha256 -c
2181f3c 
The manpage says:

> The  sums  are  computed as described in FIPS-180-2.  When checking, the input should be a former
> output of this program.  The default mode is to print a line with checksum, **a space, a  character
> indicating  input  mode ('*' for binary, ' ' for text or where binary is insignificant),** and name
> for each FILE.

By adding the filename to the generated sha256 file, a user would be
able to download an iso, the sha256 file, then use `sha256 -c
[file].iso.sha256` to verify the file.

* * *

This fixes nixos-homepage#224
@grahamc
Copy link
Member

grahamc commented Jun 6, 2018

Nice, LGTM

@edolstra edolstra merged commit 97d9e3e into NixOS:master Jun 13, 2018
@samueldr samueldr deleted the sha256sum-check branch August 15, 2019 04:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Files containg checksums doesn't contain file names
3 participants
@samueldr @grahamc @edolstra